gecko-dev/dom/webauthn
J.C. Jones a51561a1c4 Bug 1260318 - Scope U2F Soft Tokens to a single AppID r=qdot,rbarnes
This change includes the FIDO "App ID" as part of the function used to generate
the wrapping key used in the NSS-based U2F soft token, cryptographically binding
the "Key Handle" to the site that Key Handle is intended for.

This is a breaking change with existing registered U2F keys, but since our soft
token is hidden behind a pref, it does not attempt to be backward-compatible.

- Updated for rbarnes' and qdot's reviews comments. Thanks!
- Made more strict in size restrictions, and added a version field
  to help us be this strict.
- Bugfix for an early unprotected buffer use (Thanks again rbarnes!)
- Fix a sneaky memory leak re: CryptoBuffer.ToSECItem

MozReview-Commit-ID: Jf6gNPauT4Y

--HG--
extra : rebase_source : 4ff5898e93e4a0a75576e5e54035a1cb6dd952d7
2017-02-01 15:21:04 -07:00
..
tests
moz.build Bug 1335099 - add BUG_COMPONENT to many dom/* subdir files. r=overholt 2017-02-06 09:45:55 -05:00
NSSU2FTokenRemote.cpp Bug 1260318 - Scope U2F Soft Tokens to a single AppID r=qdot,rbarnes 2017-02-01 15:21:04 -07:00
NSSU2FTokenRemote.h
ScopedCredential.cpp
ScopedCredential.h
ScopedCredentialInfo.cpp
ScopedCredentialInfo.h
WebAuthentication.cpp Bug 1260318 - Scope U2F Soft Tokens to a single AppID r=qdot,rbarnes 2017-02-01 15:21:04 -07:00
WebAuthentication.h
WebAuthnAssertion.cpp
WebAuthnAssertion.h
WebAuthnAttestation.cpp
WebAuthnAttestation.h
WebAuthnRequest.h